vulnerability
Huawei EulerOS: CVE-2024-28085: util-linux security update
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 2 | (AV:L/AC:L/Au:S/C:N/I:P/A:N) | Mar 27, 2024 | Jun 26, 2024 | Apr 1, 2026 |
Severity
2
CVSS
(AV:L/AC:L/Au:S/C:N/I:P/A:N)
Published
Mar 27, 2024
Added
Jun 26, 2024
Modified
Apr 1, 2026
Description
wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked.) There may be plausible scenarios where this leads to account takeover.
Solutions
huawei-euleros-2_0_sp11-upgrade-libblkidhuawei-euleros-2_0_sp11-upgrade-libfdiskhuawei-euleros-2_0_sp11-upgrade-libmounthuawei-euleros-2_0_sp11-upgrade-libsmartcolshuawei-euleros-2_0_sp11-upgrade-libuuidhuawei-euleros-2_0_sp11-upgrade-util-linuxhuawei-euleros-2_0_sp11-upgrade-util-linux-user
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.